Disk Encryption Vs. Filesystem-level Encryption
Disk encryption does not replace file or directory encryption in all situations. Disk encryption is sometimes used in conjunction with filesystem-level encryption with the intention of providing a more secure implementation. Since disk encryption generally uses the same key for encrypting the whole volume, all data is decryptable when the system runs. However, some disk encryption solutions use multiple keys for encrypting different partitions. If an attacker gains access to the computer at run-time, the attacker has access to all files. Conventional file and folder encryption instead allows different keys for different portions of the disk. Thus an attacker cannot extract information from still-encrypted files and folders.
Unlike disk encryption, filesystem-level encryption does not typically encrypt filesystem metadata, such as the directory structure, file names, modification timestamps or sizes.
Read more about this topic: Disk Encryption
Famous quotes containing the word disk:
“Unloved, that beech will gather brown,
This maple burn itself away;
Unloved, the sun-flower, shining fair,
Ray round with flames her disk of seed,
And many a rose-carnation feed
With summer spice the humming air;”
—Alfred Tennyson (1809–1892)